OpenJDK Security Development
only in this topic
Open this post in threaded view
Report Content as Inappropriate
This may not sound like a security related issue but it actually is...
Although entirely uncoordinated, there are several "standards" in the workings based on creating JSON-based clear text alternatives to IETF's JWS signature scheme (which encodes data in Base64Url).
All of these schemes share a common and quite intricate interoperability issue, namely serialization of the JSON "Number" type.
I would therefore propose that the Double object (Number are always stored as double) is augmented with an additional method like toJsonNotation().
I'm currently relying on code that was featured in a previous version of JDK (Rhino):
Newer versions of JDK use another JS engine which produces non-compliant strings :-(
Return to OpenJDK Security Development
1 view|%1 views
Free forum by Nabble
Edit this page